Interesting line from Zoom Video Communication’s SEC filing:
Many governments have enacted laws requiring companies to provide notice of data security incidents involving certain types of personal data. In addition, some of our customers require us to notify them of data security breaches. Security compromises experienced by our competitors, by our customers or by us may lead to public disclosures, which may lead to widespread negative publicity. In addition, we have a high concentration of research and development personnel in China, which could expose us to market scrutiny regarding the integrity of our solution or data security features. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode confidence in the effectiveness of our security measures, negatively affect our ability to attract new customers and hosts, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could harm our business.
Seems Zoom has a lot of reasons to be concerned about security:
- “Zoom Lets Attackers Steal Windows Credentials via UNC Links” – Bleeping Computer
https://www.bleepingcomputer.com/news/security/zoom-lets-attackers-steal-windows-credentials-run-programs-via-unc-links/ - FBI warns on Zoom conference security – FCW
New teleworkers can unintentionally open up videoconferences to unwanted intruders, warns the FBI.
https://fcw.com/articles/2020/03/31/zoom-bombers-fbi-rockwell.aspx?oly_enc_id= - Zoom is a work-from-home privacy disaster waiting to happen – Mashable
The video conferencing services is a privacy minefield.
https://mashable.com/article/zoom-conference-call-work-from-home-privacy-concerns - Zoom is leaking email addresses and photos of users to strangers. – Vice
Zoom has treated some users who sign up with personal email addresses as if they’re all part of the same company, letting them video call and see each other’s info.
https://www.vice.com/en_us/article/k7e95m/zoom-leaking-email-addresses-photos - Zoom Meetings Do Not Support End-to-End Encryption – The Intercept
The video conferencing service can access conversations on it’s platform.
https://theintercept.com/2020/03/31/zoom-meeting-encryption/ - Beware of ‘ZoomBombing’: screensharing filth to video calls” – TechCrunch
https://techcrunch.com/2020/03/17/zoombombing/ - Zoom iOS App Sends Data to Facebook Even if You Don’t Have a Facebook Account – Vice
Zoom’s privacy policy isn’t explicit about the data transfer to Facebook at all.
https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account - Zoom faces a privacy and security backlash as it surges in popularity – The Verge
https://www.theverge.com/2020/4/1/21202584/zoom-security-privacy-issues-video-conferencing-software-coronavirus-demand-response - What Zoom doesn’t understand about the Zoom backlash – The Verge
It’s sold like an enterprise app, but it sure doesn’t act like one
https://www.theverge.com/platform/amp/interface/2020/4/2/21202984/zoom-backlash-zoombombing-encryption-exploits-consumerization-of-it - Elon Musk’s SpaceX bans Zoom over privacy concerns -memo
https://www.reuters.com/article/us-spacex-zoom-video-commn/elon-musks-spacex-bans-zoom-over-privacy-concerns-memo-idUSKBN21J71H - Laguna Beach City Council meeting is bombed on Zoom with pornography
https://www.ocregister.com/2020/04/01/laguna-beach-city-council-meeting-is-bombed-on-zoom-with-pornography/ - New York City schools ban Zoom due to security concerns and shift to Microsoft Teams – Geekwire
https://www.geekwire.com/2020/new-york-city-schools-ban-zoom-due-security-concerns-shift-microsoft-teams/
kurtsh
Kurt's Thoughts 